For version 1.5 and later, see: http://docs.joomla.org/How_do_you_recover_your_admin_password%3F

−

−

'''Introduction'''

Because passwords are stored using a one-way [http://en.wikipedia.org/wiki/Password_salting "salted"] MD5 hash which prevents recovering the password, you cannot recover an existing password, but you can reset it to a new password by editing the password field in the database. In the following directions, you will set the password MD5 value to a known value and then log-in using the password that matches that value. Once logged in, you can change the password again using normal Joomla! user access screens.

Because passwords are stored using a one-way [http://en.wikipedia.org/wiki/Password_salting "salted"] MD5 hash which prevents recovering the password, you cannot recover an existing password, but you can reset it to a new password by editing the password field in the database. In the following directions, you will set the password MD5 value to a known value and then log-in using the password that matches that value. Once logged in, you can change the password again using normal Joomla! user access screens.

Revision as of 19:11, 1 September 2013

Because passwords are stored using a one-way "salted" MD5 hash which prevents recovering the password, you cannot recover an existing password, but you can reset it to a new password by editing the password field in the database. In the following directions, you will set the password MD5 value to a known value and then log-in using the password that matches that value. Once logged in, you can change the password again using normal Joomla! user access screens.

Joomla! 1.0.13 Enhanced Password System Initial tests indicate that the method described here also works with Joomla! 1.0.13 salt-enhanced passwords. This is because Joomla! automatically updates password data from earlier versions to the 1.0.13 format.

Directions

1. Use a MySQL utility such as phpMyAdmin or MySQL Query Browser .

2. Open the correct database and select the table, jos_users . (Change default table prefix, 'jos_' to your table prefix if it is different.)

3. Select the record (or table row) for your administrator account (The first admin account, created by default, has an id of 62).

4. Copy and paste a known MD5 hash, such as one of the samples provided with this FAQ, into the password field. Warning: You must paste the password's hash value, not the password itself. You can use any of the following password = hash pairs, or create your own using one of the tools listed below.

6. Point your browser to your site and log as the administrator using your new password.

7. Once logged in, Joomla will convert your md5 hash to a salted md5 hash, but you should change the password again to one that only you know.

Using phpMyAdmin built-in 'PASSWORD' function for new passwords

1. Use a MySQL utility such as phpMyAdmin with MySQL 5.0.1 (or newer).

2. Open the correct database and select the table, jos_users . (Change default table prefix, 'jos_' to your table prefix if it is different.)

3. Select the record (or table row) for your administrator account (The first admin account, created by default, has an id of 62).

4. Click on 'Edit Record'.

5. To the right of the 'password' field, select the drop-down "function" of "PASSWORD".

6. Enter new password in the 'data' field.

7. Save the record.

8. Point your browser to your site and log as the administrator using your new password.

9. Once logged in, Joomla will convert your md5 hash to a salted md5 hash, but you should change the password again to one that only you know.

Generating your own MD5 hash from a password of your choice

Alternatively, you can set the password to a value of your own choice. Use tools, such as the following, to create your own strong hashed password. Use the above directions once you've generated a hash with these tools.